Newsfeeds

Manage client connections and configuration to allow reusability and consistency with external clients.

This is a configuration repository for interacting with different services. It allows defining a plugin with methods to interact with that service's API. A configuration entity is passed in to the plugin when initialized, which the plugin can then use (for example: API keys). Handling clients this way also allows the clients to be resolved based on context (IE, it may resolve to global configuration, or possibly configuration based on the current route, user, etc.).

Mantic’s The Walking Dead: All Out War pits you against your opponent for control of the board and resources. Oh, and there’s hoards of zombies walking around. Can’t forget those (it is kinda right in the name). The game is rather scenario-heavy, and it can potentially lead to running out of new ones to try. […]

I was explaining to my 12 year old, Ben, the pushback I am getting around making the Contribute module a dependency of the Webform module and how most people agree with the Contribute module's general concept and message but are unhappy about how and where I placed it. Ben shrugged and says "So basically you are holding up a protest sign, people are agreeing with it but because it is inconveniencing them and they are upset at you and want you to remove it".

So the Contribute module is a protest/political statement; I am okay with admitting that. Many of the expressed concerns are immediately addressed by the fact that there are three different mechanisms to remove the dependency. The beauty of open source is that, if you don't like something, you have the freedom to change it.

For anyone truly worried that the Webform module will indefinitely depend on the Contribute module, it’s worth noting that all protests, political statements, revolts, and revolutions have to end at some point (aka release).

For the time being, however, I am going to keep maintaining the Webform module as well as working on (and defending) the Contribute module.

The Contribute module is not going bring down your website

A few people have expressed concerns about the Contribute module being unneeded and fear it is posing a security risk. Considering people are trusting my 10000+ lines of code in Webform module on production websites to build forms and securely collect data, this seems a bit extreme. To my mind, what seems like the biggest security risk in the Drupal community is unmaintained and unstable modules running on 100,000's of websites. The Rules module is a great example of key Drupal module that is still in alpha releases while being used on a production website....Read More

Yeah, I know, it’s a funny headline, but it’s what we’ve got. Cryptozoic has posted up a preview of the games that they will be previewing at New York Toy Fair 2018 (which is less than a week away). They’ll have two Rick and Morty games, two DC Deck-Building sets, and a pair of standalone […]

We have had a tradition since 2005. Every new year we have a posting on the predictions for the year ahead for our beloved open source CMS and community. Sometimes this posting went up in december, sometimes in January. But never in February.

Time to start a new tradition, predict the year ahead from February on :-)

Leave a comment if you do think that blogging will get hip again, RSS will gain new ground. What will the roll of the Drupal Association be in the new year? Where will the next DrupalCon be? Will the community grow and in what direction? API first, customer first, mobile first?

Polish your crystal ball and tell us what the future of Drupal wil be.

Mayday! Mayday! Mayday! Mayday? We’ll have a parade! May not quite be here yet, but that’s not stopping Privateer Press from showing off what they’ll be releasing for Hordes that month. It looks like Legion will be the focus, as we’ve got a pair of new figures they’re showing off. With a gargled shriek, the […]

Mondays aren’t always the most-beloved day. But Wyrd does their best to make them a bit better with their regular previews. In this case, they’re tying up loose ends with the second half of their Undying Encounter Box. Have yourselves a look. From the post: Hey Wyrdos! It’s Monday and that means more previews!! This […]

Last week, the term open source itself turned 20! While the ideals of free and open source code had been discussed before January 1998, that was when Netscape released their browser source code.

We think it is going to change the way people actually develop these products dramatically for many, many years to come. This will be a historic day in that chain of events. - Jim Barksdale, Netscape CEO

It did. It was. But are the links this chain as strong today as 20 years ago?

A: We currently require that all submissions carry the GNU/GPL license. Thismay, or may not change in the future. For more information on the GNU/GPL,point the browser of your choice to http://www.gnu.org/.

You don't have to include a LICENSE.txt in your theme or module'sdirectory because there is global LICENSE.txt in the top-level directoryof the contributions repository. Furthermore, a LICENSE.txt willautomatically be added to each packaged theme or module (.tgz file) thatis offered for download at http://www.drupal.org/.

Other than getting more specific about the GPL-2.0+ policies and improving FAQ, the Drupal project's approach to licensing remained largely unchanged until 2018.

Did you know that Drupal themes and modules can now include popular font packages like Font Awesome?

WordPress now has more than 5,300 themes available on WordPress.org. There are even more commercially available themes that walk a strange line of GPL compliance. I know what you are going to say. Many of these WordPress themes are junk. Hundreds of these aren’t fully compatible with the current WP release. They have so many themes for a single use case like a recipe site or a bed and breakfast that require specific plugins.

All true… but I'll counter with the fact that there are thousands of WordPress themes and currently, only 270 themes available for Drupal 8.

You could argue that Drupal’s themes have to be more flexible to support any content type or view a site build dreams up and that many of Drupal themes are base themes that are designed to support custom theme development.

Again. All true… but I'll counter with the fact that there are thousands of WordPress themes and currently, only 270 themes available for Drupal 8.

While licensing policies are only one of many differences between the Drupal and WordPress theming ecosystems, the negative impact the additional effort required to complete Drupal's multistep installs has on adoption is a factor.

Won't Composer fix the multistep install issue?

It will, but it introduces new challenges like keeping up with the changes happening off the island. One change is that the Software Package Data Exchange (SPDX) specification that Composer uses has deprecated the use GPL-2.0+ in favor of GPL-2.0-or-later. SPDX is standard Composer uses for licensing.

While 2017 was a really dramatic year for open source, there are very few people in the world who really understand these licensing conflicts and even fewer members of the Drupal community. Most of us would prefer to believe we learned everything we need to know about sharing in kindergarten and just want to write, share and use code without getting lawyers involved.

Unfortunately for the GPL to work, someone has to understand the details and enforce them.

This is where the Drupal's Licensing Working Group comes in. Unlike the Drupal Security, Infrastructure or Community working groups, most members of the Drupal community have probably never heard of the Licensing Working Group.

The LWG currently has 3 members; Gisle Hannemyr (University of Oslo), Shawn DeArmond (University of California Davis) and myself (University of Colorado Boulder) and we’d like to expand the group. The Drupal project faces a number of challenges as we move from the safety of our island to a very different landscape for licensing and distribution than what existed in 2001.

If you download the plugin from WordPress.org and look in /vendor/aws/LICENSE.md, you’ll see that the Polly library is licensed as Apache-2.0. While it’s easy to find code using a variety of licenses that are clearly not GPL-2.0 compatible in plugins available for download from WordPress.org, the WordPress uses a similar strategy to Drupal where we don't police contributions. Both projects will only take action if someone reports the issue. So I did.

I'm hoping that between this post and that issue, I can elicit a response from the WordPress community about how they plan to deal with the Apache-2.0 problem.

Drupal projects are constantly running into Apache-2.0. The popular Accelerated Mobile Pages (AMP) module requires a library Google has licensed as Apache-2.0. This currently makes it impossible to include a functional version of that module in a Drupal distribution. Strangely, the most popular AMP plugin for WordPress reporting more than 200K installs and written by Automattic doesn't use Google's library.

While there was once a time when developers working in Drupal could ask large project to change their licensing and actually make it happen, even then it was a Don Quixote-esque undertaking that took years. I don't see a future where the Drupal project can get all of the projects we want included to use a different license or survive without being able to package those projects with our projects.

The LWG tries to advocate for licensing policy related changes that encourage contributions while helping to protect the DA from legally questionable activity on Drupal.org, but these aren't easy questions. There are downsides to distributing Drupal projects as GPL-3.0 or ignoring the licensing compatibility concerns the Free Software Foundation has with Apache-2.0, but we need to find our way forward soon.

I've proposed a Core Conversation session for DrupalCon that I really hope is accepted. How compatible the Drupal.org's policies are with the realities of collaborative development off the island will have a huge impact on the project's future as well as Drupal.org ability to remain relevant for project development and distribution.

It’s not just Arthurian-age figures that are now available from Warlord Games. They’re also offering new Napoleonic figures in the form of French Marines of the Guard, plus their commanders, over on their website. If you’d like to add to your Black Powder forces, now’s your chance to add some of the most fearsome fighters […]

So… it’s Monday. Maybe we shouldn’t dwell on that, but, instead remember the games we all (hopefully) played on the weekend. Heck, my gaming started before I even left the office on Friday with a game of the Bloodborne Card Game. Then a game of Guild Ball on Saturday. Always wanting to get in more […]

Commanders in an army are the ones who give orders to the lower-ranking soldiers. These orders are represented in Star Wars: Legion, by you moving the figures around the board, but also by the Command Cards. They determine who will have priority during a turn, being played at the start of each. There are some […]

Is it just me, or is Z-Man Games turning into the “small community, apart from others, struggling against the elements”-game company? Not that there’s anything wrong with that, mind you. I just happened to notice the pattern with their new game they’ve announced called Lowlands, where players are working semi-together to run a town along […]

For all of the sites we consult on, and manage, we use the excellent memcache module, which replaces the core's database caching. Database caching works for low traffic simple sites, but cannot scale for heavy traffic or complex site.

Recently we were asked to consult on the slow performance of a site with an all authenticated audience. The site is indeed complex, with over 235 enabled modules, 130 enabled rules, and 110 views.

The site was moved from a dedicated server to an Amazon AWS cluster, with the site on one EC2 instance, the database on an RDS instance, and memcache on a third instance. This move was in the hope that Amazon's AWS will improve performance.

However, to their dismay, performance after the move went from bad (~ 5 to 7 seconds to load a page) to worse (~ 15 seconds).

We recommended to the client that we perform a Drupal performance assessment server on the site. We got a copy of the site and recreated the site in our lab, and proceeded with the investigation.

After some investigation we found that by having memcached on the same server that runs PHP made a significant performance improvement. This was logical, because with a site with all users logged in, there are plenty of calls to cache_get() and cache_set(). Each of these calls have to do a round trip over the network to the other server and back, even if it returns nothing. The same goes for database queries.

Instead of 29.0, 15.8, 15.9, and 15.5 seconds for different pages on the live site, the page loads in our lab on a single medium server were: 3.6, 5.5, 1.4, 1.5 and 0.6 seconds.

However, this victory was short lived. Once we put load on the web site, other bottlenecks were encountered.

We started with 200 concurrent logged in users on our lab server, and kept investigating and tweaking, running a performance test after each tweak to assess its impact.

The initial figures were: an average response time of 13.93 seconds, and only 6,200 page load attempts for 200 users (with 436 time outs).

So, what did we find? We found that the culprit was memcache! Yes, the very thing that helps site be scaleable was severely impeding scalability!

Why is this so? Because of the way it was configured for locking and stampede protection.

The above is for version 7.x of the module, and the same logic is in the Drupal 8.x branch as well.

If memcache_stampede_protection is set to TRUE, then there will be up to three attempts, with a 5 second delay each. The total then can be as high as 15 seconds when the site is busy, which is exactly what we were seeing. Most of the PHP processes will be waiting for the lock, and no free PHP processes will be available to serve requests from other site visitors.

One possible solution is to lower the number of attempts to 2 (memcache_stampede_wait_limit = 2), and the wait time for each attempt to 1 second (memcache_stampede_wait_time = 1), but that is still 2 seconds of wait!

We did exactly that, and re-ran our tests.

The figures were much better: for 200 concurrent logged in users, the the average response time was 2.89 seconds, and a total of 10,042 page loads, with 100% success (i.e. no time outs).

But a response time of ~ 3 seconds is still slow, and there is still the possibility of a pile up condition when all PHP processes are waiting.

So, we decided that the best course of action is not to use memcache's locking at all, nor its stampede protection, and hence deleted the two lines from settings.php:

The results were much better: for 200 concurrent logged in users, the average response time was 1.09 seconds, and a total of 11,196 pages with 100% success rate (no timeouts).

At this point, the server's CPU utilization was 45-55%, meaning that it can handle more users.

But wait! We forgot something: the last test was run with xhprof profiler left enabled by mistake from profiling the web site! That causes lots of CPU time being used up, as well as heavy writes to the disk as well.

So we disabled xhprof and ran another test: and the results were fantastic: for 200 concurrent logged in users, the average response time was just 0.20 seconds, and a total of 11,892 pages with 100% success rate (no timeouts).

Eureka!

Note that for the above tests, we disabled all the rules, disabled a couple of modules that have slow queries, and commented out the history table update query in core's node.module:node_tag_new(). So, these figures are idealized somewhat.

Also, this is a server that is not particularly new (made in 2013), and uses regular spinning disks (not SSDs).

For now, the main bottleneck has been uncovered, and overcome. The site is now only limited by other factors, such as available CPU, speed of its disks, complexity of modules, rules and views ...etc.

So, check your settings.php to see if you have memcache_stampede_protection enabled, and disable it if it is.

Well, Stuffed Fables has been released, and it seems the big reaction to it has been, “this is amazing! We want more!” Well, Plaid Hat Games is here to oblige. They’ve created a new, stand-alone story for the game that you can download and add to your storybook now. From the announcement: This lost story […]

Support the game designs and theoretical work of As If Productions. Written especially for roleplayers, GMs, game designers, artists and neophiles who are interested in experimental applications of narrative engineering.